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MEMORANDUM FOR: Deputy Director for Administration gi-b 
ODP # 
THROUGH: 


Acting Deputy Director for Operations 


Comptroller 


Lel£, Intormation 0 nt Staff 
SUBJECT: DDO Field Operational/Information Security 
25X1 Program = 


Ll. For the past several years the Directorate of Operations 
has been actively working on a program to improve information 
security at the DO field facilities. Included in this program have 
been actions to reduce information holdings in the field, convert 
paper indices and regulations to microfiche, install better des- 
truction capabilities, and improve information handling procedures. 
All of these measures have been effective in enhancing information 
security in the field and in forming the foundation for the cap- 
stone of the program - the automated "paperless office", The 
(almost) paperless office will permit the establishment of rigorous | 
controls over information flow. It will improve protection against 
the Loss of classified information to hostile forces in crisis 
situations, because electronic files can be more rapidly destroyed 
in an emergency. In addition to enhancing information security, 
the almost paperless office will result in increased efficiency and 
effectiveness at DO field facilities. The labor intensive func- 
tions of document preparation, handling, reproduction, filing, and 
distribution will be electronically supported and thus easier to 
perform and less time consuming. Similarly, the retrieval of 
information will be faster and the presentation of information will — 
be in a form tailored to specific field station needs. [__] 25X1 


. ae We have been pursuing this program, called CRAFT, since 
1977. Requirement definition studies have been conducted; instal- 
lation, maintenance, and operations planning have been initiated; 25X1 
development and implementation of four testbed systems 


25X1 
25X1 


effected; and hardware an yo uated and 
analyzed in order to stay abreast of technological advancements. 

(CRAFT will use off-the-shelf equipment to avoid long, resource~ 25X41 
consuming and expensive R&D efforts.) [| 5X1. 


INTELLIGENCE SOURCES 
AND METHODS INVOLVED 
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3. Our requirements definition studies and experience with 
the testbed systems have resulted in the identification of func- 
tional requirements in five categories. 


A. 


Full Text Document Electronic Storage and Retrieval 


To provide better information control and facilitate 
the rapid destruction of field information holdings 
in the paperless office environment, a capability 
must be provided to support the electronic storage, 
retrieval, and display of incoming and outgoing docu- 
ments. The document storage process must provide for 
initial document review; entry of intra-Station rout- 
ing information, action indicators and general com- 
ments; generation of indexing information; and the 
filing of the document into one or more files. The 
filing system must support multiple files which are 
logically and physically separate. For files that 
are separated only logically, the system will store 
only a single copy of the document, but the document 
must appear to the user to be contained in each uni- 
quely named file to which the document is indexed. 
Automatic and user-initiated document purge by file 
and by system must be provided. Document purge will | 
also include appropriate document-index updates. ‘The _ 
document retrieval process must facilitate retrieval 
by document number, addressee, subject, date, and/or 
substance (key word, key phrase, etc.). Further, a 
scrolling capability must be provided for File brows- 
ing. 


Electronic Mail Distribution 


The system must provide the capability for the 
electronic routing of documents to and from the cen-~ 
tral storage facility under the control of the master 
terminal. The system must also support distribution 
of documents to multiple addresses and include a , 
broadcast capability. . For security reasons distribu- 
tion must be on an end-user demand basis. Worksta- 
tion-to-workstation communication (via the central 
storage facility) must also be provided. 


Word Processing 


This capability is needed to provide a mechanism for 
source data automation of the documents prepared at 
the field facility. The specific features that must 
be supported are: 


(1) Page - Forward or backward movement through a 
file of text, one screen at a time. 
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(2) 


(3) 


(4) 


(5) 
(6) 


(7) 
(8) 


D. - Data Processing 


Scroll ~ Forward or backward movement through a 
file of text, one line at a time. 


Insert -— Inserting text in an existing line; 
preexisting text will be separated in the desig- 
nated position to make room. 


Change - Overtyping existing text with new 
characters. 


Delete ~ Eliminating characters, words, lines. 


Move — Relocate or copy a defined block of text 
from one location to another within the file. 


Line-Number ~ The ability to number lines. 


Print or Display Formatting - A file or a full 
screen of text may be displayed or printed. 
Formatting for files will consist of defining 
editor formats (e.g., lines-per~page, double- 
space, margin sizes, right-justification, etc.), 
if desired. 


Ey Communications Interface 


To close the loop on the paperless office, a 
mechanism is required that will facilitate the pro- 
cessing of incoming and outgoing message traffic in 
electronic form between the Station communications 
center and the information handling system. This 
interface must of necessity be either electrical or 
media (floppy disks, paper tape, etc.) in nature. 


4. To comply with existing Agency policy as well as to meet 
program objectives and field station requirements, the selected 
system must have the following characteristics and features. (A 
summary of system requirements is provided at Annex A.) 
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‘ Fully NACSEM 5100 (TEMPEST) certified to protect against 
the emanation of compromising signals. 


é A high degree of reliability to ensure that the MTBF 
coupled with on-site redundant hardware and spare parts 
and area float equipment will result in a 99.9% system 
availability. (NOTE: Office of Communication will pro- 
vide on-site and depot maintenance support. Contractor 
involvement will be limited to repair and return of plug 
board components and major end-item equipment that has 
experienced catastrophic failure.) 


= The system must be compact and modular to permit installa~ — 
tion in minimal space available in the DO field facilities 
and to allow for growth as requirements expand. 


‘ The system must be secure. At a minimum, the system and 
file access must be under password control and data com- 
partmentation must be supported; a system activity log 
must be maintained; non-removable memory must be volatile; 
magnetic disk units must be removable and easily degaussa- 
ble (this eliminates the “sealed" disk unit technology) ; 
and an emergency disk destruction capability must be pro-~ 


vided. 

. For maintenance, spares, software, and operating supply 
efficiencies, standard, single family systems are 
required. 

2 The system must be "user-friendly" since the majority of 


field personnel will not be technically oriented. 


. The system must be programmable to support the specific 
field processing requirements outlined in the previous 
paragraph. a 


5. As part of the project planning effort, IMS has been 
reviewing, analyzing, and testing various hardware configurations 
to determine the feasibility of obtaining an off-the-shelf system 
to support the project requirements. In the testbeds, VYDEC, 
Honeywell, and Delta Data products have been employed, and hands-on 
testing of the WANG, Lexitron, and Lanier product lines has been 
performed. None of these systems has been totally responsive to 
the requirements. As can be seen from the attached market survey 
(Annex B),.there is no single manufacturer that is yet capable of 
meeting all of the project needs. 


25X11 
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CIA Field Automation Requirements 


GENERAL 


configurations used in support of the Agency's overseas 


automation project must 


Il. 


1. employ standard,single line hardware components and 


application software systems; 


2. be modular; 


3. be user friendly with menus and prompts to assist the 
non-ADP professional field officer in the use of the 


system; 


4. be compatible with Headquarters based computer 
systems to facilitate interaction and data exchange 


between the field and Headquarters; 


5. employ a work station that will function with either 


the field or Headquarters configurations. 


FUNCTIONAL SUPPORT REQUIREMENTS 


A. Word Processing 


1. Text edit functions to include insert, delete, 
move, copy, justify (by keystroke) characters, 


words, lines, paragraphs, and sections. 


2. Input, edit, and output by docunent. (nat page), 


including pagination without user entered 
feeds. 


3. Search for and change character strings 


throughout.a document or file of documents. 
4. Pre-defined formatted screens far input. 


5. Programmable function keys ta allow 
keystroke use of common text and functions. 
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B. Document Storage and Retrieval 


1. Logical storage of documents in one 
files. 


2. Retrievable by multiple, user specified, 
of the document. 


or more 


sections 


3. Boolean logic capability for document retrieval. 


4. Manipulation of incoming, outgoing, and stored 


documents. 


5. Forward and backward paging through a retrieved 


document. 


6. Deletion of multiple number of documents by 


criteria such as document date. 


7. Document annotation. 


C. Electronic Mail 


1. Creation and editing. of permanent dis 
lists. 


2. Automatic index of incoming queue for 
receiver. 


3. Automatic confirmation of receipt. 


tribution 


review by 


4. Logical distribution of documents into user 


queues. 


5.  Schedulable automatic distribution to user. 


6. Non-scheduled priority distribution at 
request. 


7. Multi-point document distribution. 


D. Data Management System 


operator 


1. Formatted screen to support data input and 


output. 
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2. Query language with Boolean lagic including a 


"contains" verb for character by character 
search. 


3. Data validation, including table lookup, during 
input. 
4, Exec language that allows individual tailoring of 
system functions. 
5. Flexible report generation 
E. Data Processing 
1. Security system that provides read and write 
password protection on all functions, documents, 
and files. 
2. Multi-Key ascending and descending sort. 
3. File and volume utilities which provide Eeetes 
= delete, rename, and list functions. 
4. High level programming language which allows 
manipulation of all file types on the system. 
5. Workstation to workstation message communication. 
F. Comprehensive system security capability to support 


requirements set forth in the “Security Requirements 
for Automated Information Systems located in Overseas 
Installations.” 


SYSTEM REQUIREMENTS 


A. General 
1. All System components TEMPEST certified. 
Ze Size, sound, and power compatible with the office 
environment. 
3. Hardware architecture to facilitate least 


replaceable unit (LRU) maintenance. 
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5. Operate on either 50 or 60 cycle power, between 
110-220 volts. 


6. Operate between 50 to 90 degrees Fahrenheit at 20 
80% relative humidity. 


7. Workstations 


a. Screen display size - 80x24, horizontal 
scroll to 132. 


b. Screen display buffer - 8k bytes. 


c. Locally programmable - 128k bytes or 
automatic paging. 


d. Software trap and test on all keys. 


e. Functions keys that can be loaded under 
program control. 


£. Numeric key pad and cursor control keys. 


g. Telecommunications options to allow use as an 
interactive terminal with remote host. 


h. Multiple ports for connections with disk 
drives and printers. 


i. Alternate character sets. 

j. Support software required to implement all 
systems outlined in the funet ional 
requirements. 

8. Disk/Diskette Storage 


a. Removable media. 


b. Media of common design to allow multiple 
suppliers. 


c. Sharable by more than one processor or 
workstation. 


d. Nonsealed disk packs. 
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10. 


Printer 
a. Impact type printing. 
b. Letter quality output on bond paper. 


c. Multiple fonts to include OCR-A_ and foreign 
alphabets. a 


d. Printing speed of at least 40 CPS. 

e. Single sheet or form feed. 

f. Print width of 132 characters. 

Central Processor 

a. Main memory sufficient to support 
multiprogramming of functional software and 
up to 24 simultaneous users. 

b. Able to support software required to 


implement all systems outlined! in the 
functional support requirements. : 


Small Configuration 


1. 


2e 


3. 


Disk Drives - sharable by all workstations. 


Multiple drives per configuration required for 
redundancy. Online capacity up to 80 MB each . 


Printer - Two devices sharable by all 
workstations. 


Workstations -~- 2 to 4. 


Medium Configuration 


te 


pisk Drives. ~ sharable by all workstations. 
Multiple devices per configuration required for 
redundancy. Online capacity up to 160 MB each. 
Printer ~ 2 to 3 sharable by all workstetions. 


Workstations - 7 to 12. 
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D. Large Configuration 


i. Disk Drives ~- sharable by all workstations. 


Multiple devices per configuration to provide © 


redundancy. Online capacity up to 600 MB. 
B. Printer ~ up to 4 shared among workstations. 


C. Workstations - 12 to 24. 


Approved For Release 2004/02/04 : CIAS&RDP84-00933R000100130027-0 
SEC ht 


STAT 


ATTACHMENT B 
Approved For.§glease 2004/02/04 : CIA-RDP84-00933@800100130027-0 


27 April 1981 


MEMORANDUM FOR: 


FROM: 
SG/AD 


SUBJECT: Market Survey of Tempest Approved 
Office Information Systems 


1. A market survey was conducted during March 1981 to 
determine the availability of Word Processing or Office 
Information Systems with Tempest Certification. This survey 
was intended to determine what, if any, systems are on the 
market which meet the specifications for both field and 
Headquarters installations as determined by the project design 
teams. 


Zs. ihe criteria for evaluation included only the basic 
requirements in the following categories: 


. Environmental 
Sac . Hardware 
. Software 
Communications 


The results of the survey concluded that, at this time, there 
are no vendors that can meet all of the design specifications 
on an available-for-delivery basis. 


3, Following is a synopsis of what is on the market now 
as well as those systems which are scheduled for Tempest 
Certification testing in the immediate £Uture. 


a. Systems Currently Holding Tempest Certification 


. CPT 8000T w/printer 

. Delta Data 2768T 

. DEC VT100-X 

. Lexitron VT1202T/1303T/1000T 
. NBI 3000 

. Wang WP-20/25/30 

. Xerox 860T 


b. Systems Undergoing Tempest Testing 
Burroughs RIII Series 


IBM Display Writer 
» Lanier 
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